1. Field of the Invention
The present invention relates to the field of communications. More particularly, the present invention relates to a system and method for creating a remote digital agreement formulated through an execution procedure.
2. Description of Art Related to the Invention
Over hundreds of years, written agreements have been used as a vehicle for a variety of purposes, among which is to establish certainty and clarity in business, legal and other types of arrangements between two or more parties to the agreement. In general, one type of an agreement is a "contract", which is defined as a promise or set of promises between two or more parties by which the law allows the party or parties that abide by the terms of the contract to recover damages (e.g., monetary compensation) from the party or parties that breach the contract. Another type of agreement is a stipulation agreement used during litigation in which the parties agree to material facts not in dispute. Although there exists a wide variety of execution schemes, one type of scheme is where the parties to the contract negotiate "at arm's length" to formulate terms of the written agreement (e.g., contract) which are mutually agreeable to the parties.
After agreeing to the terms of the written agreement, the parties select an execution procedure for signing the agreement. The nature of that execution procedure may depend on the importance of the agreement, past dealings between the parties, and many other factors. The execution procedure may be overseen by a "non-signing party" acting as an arbitrator (referred to as "independently-arbitrated agreement execution"), or by the parties themselves in a localized setting (referred to as "mutually-arbitrated agreement execution").
Referring to FIG. 1, mutually-arbitrated agreement execution is generally preferred when all of the parties or the signatories of the agreement 110 can meet at a selected location to execute one or more printed copies of the agreement 120. This guarantees that each party possesses an original copy of the agreement upon adjournment of the meeting. Such meetings are costly and difficult to arrange, especially when the agreement involves a large number of parties.
In the event that the simultaneous assembly of all parties is infeasible or undesirable, an alternative approach may include an independently-arbitrated execution procedure utilizing human arbitration as shown in FIG. 2. For this execution procedure, each signatory 110₁ and 110₂ separately executes one or more copies of the agreement and provides the partially-signed agreements 130₁ and 130₂ to the arbitrator 140 (e.g., a third party who is not a signatory of the agreement). When receiving partially-signed agreements 130₁ and 130₂ from all of the parties, the arbitrator 140 provides a copy of the fully-signed agreement 150₁ and 150₂ back to each signatory 110₁ and 110₂. The disadvantage associated with this execution procedure is that it is entirely dependent on the integrity of the arbitrator 140 to properly follow a static procedure. However, it is apparent that it is quite difficult and costly, especially for parties situated in other countries and/or in different states, to check the integrity of the arbitrator. Likewise, the cost of the arbitration service itself and the time delay in execution of the written agreement may be unacceptable.
Referring now to FIG. 3, another execution procedure (referred to as "non-arbitrated execution") is applicable when the written agreement is of lesser value or when a sufficient degree of trust exists between the "n" signatories ("n" being a whole number, n ≥ 3 in this example). One signatory 110₁ starts the execution process by signing the agreement and forwarding the partially-signed agreement 160₁ on to the next signatory 110₂. As each successive signatory receives the partially-signed agreement, it applies its own signature and forwards it to another signatory until the agreement is fully executed. The last signatory 110ₙ has the responsibility to return copies of the fully-executed agreement 170₁, 170₂, . . . 170ₙ₋₁ to all signatories, as did the arbitrator in FIG. 2. This method has the advantage of cost reduction, since the signatories need not be assembled nor is an arbitration fee incurred. The significant disadvantage is that the success of the process is dependent on the integrity of the last signatory who is a party to the agreement. The last signatory is not compelled to redistribute copies of the signed agreement, especially if a business advantage can be gained by being in possession of the only signed agreement.
Recently, a number of states have passed legislation that recognizes private key-based digital signatures as legally binding a party to the terms of a digital agreement. A "digital agreement" is an electronic document representing an agreement that is to be digitally signed by all parties to the agreement through their respective private keys. Like written agreements, digital agreements may be executed through independent-arbitration, mutual-arbitration, or non-arbitration execution procedures. However, it is evident that cost and time saving advantages offered by digital agreements would be greatly reduced by following an independently-arbitrated execution procedure or a mutually-arbitrated execution procedure. Thus, it has been desirable for digital agreements to undergo non-arbitrated execution as shown in FIG. 4.
Referring to FIG. 4, after negotiating the terms of the digital agreement 205, a first party at a first node 200 (e.g., computer) normally signs the digital agreement 205 by (i) applying a hash algorithm (e.g., "MD5" algorithm developed by RSA Data Security of Redwood City, Calif.) to the digital agreement 205 to obtain its unique hash value 210, and (ii) encrypting the hash value 210 with an asymmetric cryptographic algorithm (e.g., RSA algorithm) under its private key ("PrKA") to produce a "first digital signature" 215. It is contemplated that such hashing is not necessary, but may be used to reduce the amount of data thereby preserving bandwidth during transmission and memory during storage. Thereafter, at least the first digital signature 215 is transferred to another party at a second node 220. Additional information may be transferred in combination with the first digital signature 215 such as the digital agreement 205 or its hash value 210. Optionally, some or all of this information may be protected during transfer (for privacy purposes) by encrypting with a previously chosen symmetric key.
The execution procedure can be continued in a serial manner by the party at the second node 220 creating its own digital signature 230 (e.g., in this embodiment, hash value 225 encrypted under a private key "PrKB" of the party at the second node 220). Thereafter, an aggregate signature set 235 (including the first and second digital signatures 215 and 230 and possibly additional information) is transferred to the next party of the agreement. This procedure may continue for an arbitrary number of parties with the final party at node 240 being responsible for returning the fully-signed digital agreement 250 (i.e., in this case, a hash value of the agreement individually encrypted with the private keys of each party to the digital agreement) to all of the other signatories.
Referring now to FIG. 5, if the first digital signature 215 is created by encrypting the hash value 210 under the private key PrKA, the first digital signature 215 may be validated by any party with access to the hash value 210 or the original digital agreement 205. Such validation is accomplished by decrypting the first digital signature 215 with a well-known public key ("PuKA") associated with the first party at node 200 to produce a resultant value 260. Thereafter, the resultant value 260 is compared to a previously obtained or computed hash value 210 of the digital agreement 205 as shown. If the resultant value 260 and the hash value 210 are identical, the first party is deemed to have signed the digital agreement. This procedure may be performed to validate the signature of any of the signatories.
As realized by viewing FIGS. 4 and 5, this non-arbitrated execution procedure for digital agreements clearly poses a risk to all signatories except the final signatory 240, in the event that the final signatory 240 fails to return a copy of the fully-signed digital agreement to each of the other signatories 200 and 220. For example, if the agreement requires a first signatory to make a monetary payment, to supply goods, or to provide services to the final signatory and the first signatory has not yet received the fully-signed digital agreement from the final signatory, the first signatory risks breaching the agreement if it does not act in accordance with the terms of the agreement. Moreover, if the final party later decides to not abide by the terms of the agreement, the first party may have only limited legal recourse to retrieve its monetary payment or return of its goods. This is due to the fact that the first party only has a copy of a partially-signed digital agreement, not the fully-signed agreement which may have been erased, destroyed, or never signed by the final party. Regardless of the outcome, this non-arbitrated execution procedure allows the business arrangement to be controlled by the final party signing the digital agreement through the accidental or intentional failure to return the fully-signed digital agreement.
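The serial signing of FIG. 4, the validation of FIG. 5, and the resulting asymmetry between signatories can be traced in a short program, given here as an added example that is not part of the original document. It assumes toy textbook RSA keys built from small Mersenne primes (illustration only, not secure), SHA-256 in place of the MD5 hash named above, and hypothetical parties "A", "B" and "C"; all function names are likewise assumptions.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys (assumption)

def make_key(p, q):
    """Toy RSA key from two primes: returns (n, d). Illustration only."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return n, d

def digest(agreement, n):
    """Hash value of the agreement, reduced so it fits under modulus n."""
    return int.from_bytes(hashlib.sha256(agreement).digest(), "big") % n

def sign(agreement, key):
    """Encrypt the hash value under the private key (FIG. 4)."""
    n, d = key
    return pow(digest(agreement, n), d, n)

def verify(agreement, signature, n):
    """Decrypt with the public key and compare to the hash value (FIG. 5)."""
    return pow(signature, E, n) == digest(agreement, n)

def missing_signers(agreement, sig_set, public_keys):
    """Required parties that have no valid signature in sig_set."""
    return [name for name, n in public_keys.items()
            if name not in sig_set or not verify(agreement, sig_set[name], n)]

def mersenne(k):
    return 2**k - 1  # prime for the exponents used below

# Constructed keys for hypothetical parties A, B and C.
KEYS = {"A": make_key(mersenne(61), mersenne(89)),
        "B": make_key(mersenne(107), mersenne(127)),
        "C": make_key(mersenne(521), mersenne(607))}
PUBLIC = {name: n for name, (n, _) in KEYS.items()}
AGREEMENT = b"Constructed sample: A pays B and C 100 units on delivery."

def serial_execution(order):
    """Each party signs and forwards the aggregate set; returns what each holds."""
    sig_set, views = {}, {}
    for name in order:
        sig_set[name] = sign(AGREEMENT, KEYS[name])
        views[name] = dict(sig_set)  # copy held once the set is forwarded
    return views

if __name__ == "__main__":
    for name, held in serial_execution(["A", "B", "C"]).items():
        print(name, "holds a set missing:", missing_signers(AGREEMENT, held, PUBLIC))
```

Only the final party's copy verifies for every signatory; until that party returns the full set, A and B can prove nothing beyond their own and earlier signatures.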
In a recent cryptography publication by Bruce Schneier entitled "Applied Cryptography" (2nd Edition), an overview is presented of protocols for non-arbitrated, "simultaneous" execution of digital contracts, attempting to address the issue of one signatory to a digital contract having an advantage over another. These are very tedious, communication-intensive protocols, based on each signatory taking a great number of steps in the signature process to build up complete signatures from the other signatories. However, this publication fails to provide a simple protocol for arbitrated execution of digital agreements and a protocol that does not exclusively depend on the integrity of the arbitrator.
Therefore, it would be desirable to create a system and method for reducing the risks associated with execution of digital agreements, while maintaining the cost, time, and convenience advantages of remote execution.